PHP password_needs_rehash() function

Author：Eve Cole Update Time：2024-12-28 11:24:01

The password_hash() function is used to check whether the hash value matches the specified options.

PHP version requirements: PHP 5 >= 5.5.0, PHP 7

grammar

 bool password_needs_rehash ( string $hash , int $algo [, array $options ] )

Parameter description:

hash: A hash value created by password_hash().

algo: A cryptographic algorithm constant used to indicate the algorithm used when hashing passwords.

options: an associative array containing options. Currently, two options are supported: salt, the salt (interference string) added when hashing the password, and cost, which is used to specify the number of levels of algorithm recursion. Examples of these two values can be found on the crypt() page. When omitted, a random salt value and default cost will be used.

return value

This function detects whether the specified hash value implements the provided algorithm and options. If not, the hash value needs to be regenerated.

Example

password_needs_rehash() usage

<?php $password = ' rasmuslerdorf ' ; $hash = ' $2y$10$YCFsG6elYca568hBi2pZ0.3LDL5wjgxct1N8w/oLR/jfHsiQwCqTS ' ; // The cost parameter can be modified when the hardware performance is improved. $options = array ( ' cost ' => 11 ) ; // Verify the stored hash against the clear text password if ( password_verify ( $password , $hash ) ) { // Check whether there is a newer hash algorithm available // Or cost changes if ( password_needs_rehash ( $hash , PASSWORD_DEFAULT , $options ) ) { // If so, create a new hash, replacing the old one $newHash = password_hash ( $password , PASSWORD_DEFAULT , $options ) ; } // Enable user to log in } ?>